[Bug 1958739]

/+bug/1958739/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1958739] [NEW] Escape sequences in mail input enabling remote code execution

*** This bug is a security vulnerability *** You have been subscribed to a public security bug by Seth Arnold (seth-arnold): The mail tool from mailutils executes commands read from stdin if the line begins with the escape sequence ~! or ~| as documented here: https://mailutils.org/manual/html_s